0

I am currently developing an app that sends the data encrypted to a server, because the important thing with the app is that the server should never know what data is there, only the client should decrypt this data.

I have already searched a lot on the Internet and thought about it myself and the idea came to my mind that you generate a key and then simply scan it with a QR code on another device and then you also have this key there to decrypt.

But now I ask myself if it is somehow possible even better and if you could send the key somehow different or if there is a better way to implement this scenario.

Because the thing with the QR code is bad for the user experience and if the user deletes the app on all devices and he installs it again like after 1 month he can never use the app again, because the key is gone forever.

Improve this question

    1 Answer 1

    Reset to default
    0

    One such mechanism would be to encrypt the key locally and send it to be stored on the server.

    For example:

    Use PBKDF2 with a user chosen recovery password to generate a key. Use the key that pops out to encrypt the long term key. Once the user logs in on a new device the wrapped key can be downloaded and the user prompted for their recovery key. If the user forgets their recovery key, it's gone forever. But if one is serious about user security, this should be understood and accepted.

    Improve this answer
    6
    • Okay, thanks for your answer. I also thought of something like that, but of course you need to have a password again and share it. I thought that it must work that way, but I always wonder how Whatsapp or other apps encrypt all data without asking for passwords. Is there no way to implement it without asking for a recovery key?
      – Marco
      CommentedOct 19, 2022 at 18:47
    • welcome - i thought you only had one user? would you only need to recover once, after which, you would still use the same mechanism to establish another device? "is there a way to implement it without asking for a recovery key?" store the key in plaintext, written on paper - there are many algorithms that make it easier to store high-entropy data, eg. bubble babble, diceware, bip39 ... i like your first idea of a qrcode: print this securely using an offline label printer, and put the sticker on the inside of a locked cabinet - but i would still feed this to a password-based kdf, as suggested
      – brynk
      CommentedOct 19, 2022 at 19:04
    • Hello, thanks also for your help. However, the project is an app in the app store so with any number of users and it should store the data encrypted on the server, so that the server does not know what values are stored, because this is a finance app. The QR code would work fine for one user, but the app should be "foolproof" so that even people who forget passwords should always have access to them and no extra key. :)
      – Marco
      CommentedOct 19, 2022 at 19:33
    • 1
      @Marco that may be impossible. There has to be a secret to do encryption. Someone has to keep track of that secret. It is commonly something the user knows. Otherwise the server has to keep track of the secret and there is an obvious security implication there. But plenty of people just trust cloud services so it likely would not stop your app from being a commercial success.
      – foreverska
      CommentedOct 19, 2022 at 19:37
    • @foreverska alright, thank you very much for your answer. Do you maybe know how apps like Whatsapp are doing it? I mean you can just install it on a new device and use it there without entering a password🤔
      – Marco
      CommentedOct 19, 2022 at 20:16

    You must log in to answer this question.

    Start asking to get answers

    Find the answer to your question by asking.

    Ask question

    Explore related questions

    See similar questions with these tags.